package synology.http;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.StringWriter;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import sun.net.www.protocol.https.HttpsURLConnectionImpl;
import synology.SynoBean;

public class SynoHTTPClient
{
	private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();
	private SynoBean bean;
	private String sessionId;
	private SSLSocketFactory factory;


	//--------------------------------------------------------------------------------------------
	public SynoHTTPClient(SynoBean bean)
	{
		this.bean = bean;
	}


	//--------------------------------------------------------------------------------------------
	public void connect()
	throws Exception
	{
		String host = bean.getUrl();
		String s_port = bean.getPort();
		int port = Integer.parseInt(s_port);

		char[] passphrase = "changeit".toCharArray();

		File file = new File("jssecacerts");
		if (file.isFile() == false)
		{
			char SEP = File.separatorChar;
			File dir = new File(System.getProperty("java.home") + SEP + "lib" + SEP + "security");
			file = new File(dir, "jssecacerts");
			if (file.isFile() == false)
			{
				file = new File(dir, "cacerts");
			}
		}

		System.out.println("Loading KeyStore " + file + "...");
		InputStream in = new FileInputStream(file);
		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
		ks.load(in, passphrase);
		in.close();

		SSLContext context = SSLContext.getInstance("TLS");
		TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
		tmf.init(ks);
		X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
		SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
		context.init(null, new TrustManager[] { tm }, null);
		factory = context.getSocketFactory();

		System.out.println("Opening connection to " + host + ":" + port + "...");
		SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
		socket.setSoTimeout(10000);
		try
		{
			System.out.println("Starting SSL handshake...");
			socket.startHandshake();
			socket.close();
			System.out.println();
			System.out.println("No errors, certificate is already trusted");
		}
		catch (SSLException e)
		{
			System.out.println();
			e.printStackTrace(System.out);
		}

		X509Certificate[] chain = tm.chain;
		if (chain == null)
		{
			System.out.println("Could not obtain server certificate chain");
			return;
		}

		BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));

		System.out.println();
		System.out.println("Server sent " + chain.length + " certificate(s):");
		System.out.println();
		MessageDigest sha1 = MessageDigest.getInstance("SHA1");
		MessageDigest md5 = MessageDigest.getInstance("MD5");
		for (int i = 0; i < chain.length; i++)
		{
			X509Certificate cert = chain[i];
			System.out.println(" " + (i + 1) + " Subject " + cert.getSubjectDN());
			System.out.println("   Issuer  " + cert.getIssuerDN());
			sha1.update(cert.getEncoded());
			System.out.println("   sha1    " + toHexString(sha1.digest()));
			md5.update(cert.getEncoded());
			System.out.println("   md5     " + toHexString(md5.digest()));
			System.out.println();
		}

		System.out.println("Enter certificate to add to trusted keystore or 'q' to quit: [1]");
		String line = reader.readLine().trim();
		int k;
		try
		{
			k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1;
		}
		catch (NumberFormatException e)
		{
			System.out.println("KeyStore not changed");
			return;
		}

		X509Certificate cert = chain[k];
		String alias = host + "-" + (k + 1);
		ks.setCertificateEntry(alias, cert);

		OutputStream out = new FileOutputStream("jssecacerts");
		ks.store(out, passphrase);
		out.close();

		System.out.println();
		System.out.println(cert);
		System.out.println();
		System.out.println("Added certificate to keystore 'jssecacerts' using alias '" + alias + "'");
	}


	//--------------------------------------------------------------------------------------------
	public void login() 
	throws Exception
	{
		String s_url = bean.getProtocol() + "://" + bean.getUrl() + ":" + bean.getPort() + "/login/login.cgi?" 
						+ "userType=1&" 
						+ "name=" + bean.getLogin() + "&" 
						+ "passwd=" + bean.getPassword() + "&" 
						+ "btn_submit=enter&" 
						+ "login_action=login&" 
						+ "path=&" 
						+ "restart=no&" 
						+ "systemfull=no";
		
		URL url = new URL(s_url);

		HttpURLConnection http = (HttpURLConnection) url.openConnection();
		HttpsURLConnectionImpl ssl = (HttpsURLConnectionImpl) http;
		ssl.setSSLSocketFactory(factory);
		ssl.setHostnameVerifier(new HostnameVerifier()
		{
			public boolean verify(String hostname, SSLSession session)
			{
				return true;
			}
		});
		http.setDoOutput(true);
		http.setDoInput(true);
		http.setAllowUserInteraction(true);
		int responseCode = http.getResponseCode();
		BufferedReader br = new BufferedReader(new InputStreamReader(http.getInputStream()));
		String tmp = br.readLine();
		// new FileWriter(new
		// File("/Users/mike/workspace/Tryout/resources/rest.html"));
		StringWriter writer = new StringWriter();
		while (tmp != null)
		{
			writer.write(tmp + "\n");
			tmp = br.readLine();
		}
		writer.flush();
		writer.close();

		String s = writer.toString();
		String pattern = "<input type=\"hidden\" name=\"id\" value=\"";
		int i = s.indexOf(pattern);
		sessionId = s.substring(i + pattern.length(), s.indexOf("\"", i + pattern.length() + 1));
	}


	private String toHexString(byte[] bytes)
	{
		StringBuilder sb = new StringBuilder(bytes.length * 3);
		for (int b : bytes)
		{
			b &= 0xff;
			sb.append(HEXDIGITS[b >> 4]);
			sb.append(HEXDIGITS[b & 15]);
			sb.append(' ');
		}
		return sb.toString();
	}


	//--------------------------------------------------------------------------------------------
	//--------------------------------------------------------------------------------------------
	private static class SavingTrustManager implements X509TrustManager
	{
		private final X509TrustManager tm;
		private X509Certificate[] chain;


		//----------------------------------------------------------------------------------------
		SavingTrustManager(X509TrustManager tm)
		{
			this.tm = tm;
		}


		//----------------------------------------------------------------------------------------
		public X509Certificate[] getAcceptedIssuers()
		{
			return null;
		}


		//----------------------------------------------------------------------------------------
		public void checkClientTrusted(X509Certificate[] chain, String authType)
		throws CertificateException
		{
		}


		//----------------------------------------------------------------------------------------
		public void checkServerTrusted(X509Certificate[] chain, String authType)
		throws CertificateException
		{
			this.chain = chain;
		}
	}
}
